package com.dongdong.controller.realm;



import com.dongdong.api.AdminServiceApi;
import com.dongdong.api.SellerServiceApi;
import com.dongdong.model.TAdmin;
import com.dongdong.model.TbSeller;
import com.dongdong.model.TbUser;
import com.dongdong.service.UserService;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

public class UserRealm extends AuthorizingRealm {

    @Autowired
    private UserService userService;

    //授权
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println("执行授权认证逻辑");

/*        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        info.addStringPermission("movie_delete");    //给所有人删除权限
        return info;*/

        return null;

    }

    //认证（登录）
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        //模拟数据库数据
//        String username = "123";   //用户名
//        String password = "123";   //密码

        System.out.println("登录认证");
        //拦截到controller认证请求  1.强转
        UsernamePasswordToken token = (UsernamePasswordToken)authenticationToken;

            //链接数据库数据
            TbUser tbUser = userService.selectUserByUsername(token.getUsername());
            //2.判断用户名是否存在
            if(tbUser==null){
                return null;
            }
            //3.校验密码
            //SimpleAuthenticationInfo loginRealm = new SimpleAuthenticationInfo(tUser, tUser.getPassword(), "loginRealm");
            SimpleAuthenticationInfo userRealm = new SimpleAuthenticationInfo(tbUser,tbUser.getPassword(), ByteSource.Util.bytes(tbUser.getSalt()), "UserRealm");
            System.out.println("执行登录认证逻辑");
            return userRealm;

    }


















}
